Traditional crime fighting by government and private groups against so-called “physical” crimes such as robberies, thefts, burglaries, rape, murder, arson, etc. has employed the use of mapping to represent the locations of crimes that have already occurred. This is done in a detective aspect to attempt to determine patterns, motives, and potential suspects as well as in a predictive quality in an attempt to anticipate victims or at least locations having an increased likelihood of experiencing a crime. This mapping has proved to be a valuable resource for solving and mitigating crime; however, it does not offer a complete picture.
Crimes in today's more technologically advanced world are more sophisticated and subtle than muggings, robberies and car-thefts occurring on the streets and easily associated with physical locations. The hacking of networks such as those now ubiquitous in billing and financial systems, viruses launched against computer systems, intrusions onto computer hosts and networks, fraudulent activities resulting in the theft of services such as telephone service (wired or wireless), cable television, Internet access, etc. are just a few examples of more technologically-sophisticated crimes that are not easily mapped to a physical location.
Businesses and organizations have also used technology in attempts to thwart these technologically-advanced crimes. One method is through the detection of anomalies in data associated with business transactions, such as the detection of unauthorized or malicious users on computer hosts and networks, often called intrusion detection and fraud detection systems.
For example, computer applications are created having several layers with each layer including detective, preventive, and corrective controls. At the business transaction layer, the detective controls apply business rules used for supervisory type reports that may be voluminous depending upon the nature of the business and the number of transactions occurring. Though a geographical correlation may exist between physical, network and computer-related crimes, such correlation may not be apparent from review of numerous discrete reports from various sources and of varying types and formats while simultaneously trying to mitigate the crime and respond to them.
These response schemes do not allow for an organization's management to easily identify the geographical location of the problem(s) and the location(s) at which resources are most needed. Furthermore, current response schemes do not allow an organization's response or management team timely access to geographical view(s) of the location of the crimes together with information relating to the status or progress of the response to the intrusion.